Relationship between sessions and cookies in JSP

Overview:
Specifically, the cookie mechanism adopts the client-side persistence scheme, while the session mechanism adopts the server-side persistence scheme.
At the same time, we can also see that the server-side persistence scheme also needs to save an identifier on the client, so the session
The cookie mechanism may be used to save the identity, but there are other options.

Reference: JSP entry-developer-wanwei sharing station (dev.w3pub.com)

Argument:
If the session has nothing to do with the cookie, what if the server determines that session belongs to that user. The only way to judge is to write a sessionid to the client, and then compare the sessionid of the client with the sessionid of the server each time. Inconsistent sessions will expire. After I disabled my browser cookie, The csdn and Netease communities told me that I had timed out. You can give it a try. In JSP, you can rewrite the URL to solve this problem, that is, add sessionid to the end of the URL. You can also log on to the Sina mail system and check that its URL is followed by a large segment of characters.

Source: Java/web development-csdn community community.csdn.net

Several Methods for saving session IDs
A. The cookie can be used to save the session ID. In this way, the browser can automatically send the ID to the server according to the Rules during the interaction process.
B. because the cookie can be artificially disabled, there must be other mechanisms so that the session ID can still be passed back to the server when the cookie is disabled. a frequently used technology is called URL rewriting, the session ID is appended to the URL path. There are two additional methods, the other is appended to the URL as a query string. The network remains in the State throughout the interaction process, and the session ID must be included after the path that each client may request.
C. Another technique is form hidden fields. The server automatically modifies the form and adds a hidden field so that the session ID can be passed back to the server when the form is submitted.

Reference: JSP entry-developer-wanwei sharing station (dev.w3pub.com)

Definition:

The servlet container uses this interface to create a session between an HTTP client and an HTTP server. the session persists for a specified time period, because Ss more than one connection or page request from the user. A session usually corresponds to one user, who may visit a site frequently times. the server can maintain a session in every ways such as using cookies or rewriting URLs.

Reference: httpsession (servlet API Documentation)

 

Conclusion:

Both cookie and URL are used to save a unique tag on the client. When downloading and accessing the client, the browser knows which client this is and finds the customer's information in the session. because it is more troublesome to put it in the URL, it is generally used to customize the security options in IE in the cookie. When you select to accept the cookie, you will see that each session will give you a cookie, the value is unique. both cookie and URL are submitted when accessing the page.